System Administation: Maximizing System Security, Part 1

A lot of UNIX security is based on passwords, and in this first part of a two-part article, Æleen helps explain many of thei issues involved in setting up and maintaining passwords on Linux systems. Next month's installment will cover other system security issues.

One of the most hackneyed cliches in all
of UNIX culture is that UNIX security is a contradiction in terms.
While things aren't quite as hopeless as this cynical view, it is
important to realize that a secure system is something you create,
not something you get automatically when you install any current
Linux distribution (or any other UNIX operating system for that
matter).

This article provides an overview of UNIX security issues,
and discusses the resources and tools available to Linux system
administrators or anyone responsible for administering a Linux
system—which are not necessarily synonymous. It considers what
the most important issues are and what exists to defend the system.
And since many of the most egregious “UNIX” security problems are
actually vulnerabilities in TCP/IP networking and its component
protocols, we naturally consider network security issues, as well
as those relevant to an isolated computer system.

What is Security?

General discussions of computer security traditionally focus
on the types of losses that can result from inadequate security
measures:

Loss of equipment. The first or last threat to any
computer system (depending on your point of view) is the loss of
the computer itself. This can result from a variety of causes:
theft, fire, water, earthquakes and other natural disasters,
vandalism, and accidents (e.g., a user spilling coffee on
it).

Loss of data. This type of loss can also occur in a
variety of ways: data could be obtained by someone who should not
have it (for example, a competitor), files could be accidentally or
deliberately damaged or destroyed, or information that should have
remained private could become publically accessible or
broadcast.

Loss of use. A third type of loss can occur when
neither the equipment nor its data is damaged, destroyed or
removed, but the system is nevertheless unable to perform some or
all of its normal functions. For example, an extended power outage
could cause such a loss of use; the 1988 Internet worm incident is
an example of software rendering a computer unusable.

Depending on your situation, some of these threats are
obviously more potentially hazardous to you than others.

Effective thinking about security begins by considering
potential losses rather than potential threats, because doing so
allows you to place the threats in the context of your system and
thereby make appropriate choices about how to prevent and address
them. For example, every system has the potential of being broken
into by an unauthorized person. However, the specific nature of
that threat changes depending on the sort of loss that would be its
most serious consequence—as do the corresponding measures to
prevent the loss.

A successful intruder always has the potential to alter or
destroy any file on the system, so every system needs to guard
against and have a plan for recovering from that eventuality. In
addition, for a system containing sensitive or proprietary data
(customer credit card numbers, source codes for software products
under development, and so on) one might need to consider ways of
securing such data even from the root account. On the other hand,
if loss of use is the primary loss against which a system needs to
be protected, then devising ways of quickly identifying and
neutralizing such an attack is much more important than providing
extra security for any of the data on the system.

As these scenarios suggest, security involves more than just
prevention against attacks. Equally important components of
computer security are the recovery plans which specify what to do
when something goes wrong. Computer security is not something you
think about once in a while, but rather something that is an
integral part of your thinking and actions in every administrative
activity you perform. It includes the following concerns (not all
of which will necessarily apply to any specific system):

Physical system access

Theft prevention—locks and so on

Prevention of physical and electronic
vandalism

Ensuring continuous power via an uninterruptible
power supply (UPS) unit

Fire control systems, surge suppressors, and other
devices to prevent damage from the external environment

User authentication: passwords and other
mechanisms

Modem access (dialin and dialout)

File ownership and protection

Encryption of very sensitive or private data

Network access policies and network software
configuration

NFS configuration

Procedures and policies related to building,
testing, installing and using public domain software

Backup procedures

Secure storage of backup media (including offsite
copies)

Storage of original operating system media

Disaster recovery plans

User training for good security practices

A thorough discussion of all of these topics would consume
several entire issues of Linux Journal, so we
focus on operating system-level protections and solutions useful
for Linux systems, in terms of both “standard” features and
useful additional packages. Security facilities offered by the
various Linux distributions vary considerably, but no current
distribution includes everything that a prudent system
administrator would want to have and use.

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.